ASUS P9A-I/C2550/SAS/4L Support

I'm completely new to pfsense and would like to build a router for home. From what I've read (on the forum) it doesn't appear that throughput is anything I need to worry about, but I would like to run a number of packages for security and VOIP. As I'm in the UK much of the hardware I read about on here does not seem to be available to me, without getting it shipped from the US and all the issues that entails.

I wondered if an ASUS P9A-I/C2550/SAS/4L would be suitable? I've read on here about a Supermicro board that seems similar but is much more expensive in the UK than in the US. We seem to pay in £ what it costs in $ in the US, plus we then have 20% tax on top! This board seems very similar and Asus boards tend to be more available here, so I'm hoping I might be able to find it at a reasonable price. If not, is there a similar board that anyone can recommend? I'd like something silent as it needs to sit right next to me desk.

Could I also ask, is it possible to cache all image files on the box and is it possible to block ad's on it? I block ad's in Firefox on my PC but it would be great to be able to block them at the router so that I can block them once for all my devices. If this is possible what would I need to do it?

That Asus board looks pretty sweet! :) Similar to the Supermicro as you say but hopefully cheaper. No idea about what support for the Asus management features there may be but the rest looks fairly standard. Can you use the 5th LAN for example? I would not expect issues with this board but the same could be said for several recent Gigabyte boards that all gave problems booting pfSense due to a BIOS bug.
There is no need to use the board with SAS features when the potentially cheaper version is availble without them:http://www.asus.com/Commercial_Servers_Workstations/P9AIC25504L/

As you say you should have no problems with throughput in the UK but what bandwidth do you have? Will you be upgrading?

You can run the web proxy Squid with the Squidguard web filter on the box the block ads and cache images. Check the docs wiki.

Thanks for the reply. I didn't realize the forum had logged me out so I couldn't see how to respond ;D

I saw the other board but thought I could use it for a server if pfSense didn't work. I haven't yet found prices in the UK so it's not clear how much more it would cost. Do you know whether the BIOS issues for the Gigabyte have been resolved?

My broadband connection is currently 20Mb but my ISP is upgrading it to 30Mb sometime this year. Apart from streaming some video I don't think I use much, although I haven't checked. My main concern is increasing my security and blocking ad's etc. on portable devices. I can't see my usage increasing much unless something like 4K video takes off as a streaming format. I hope to use Asterisk and drop my standard phone line but I'm assuming that is not a heavy bandwidth user?

Hmm, well that board is going to be well over powered for that application. I like your thinking ahead about what to do if pfSense has some issue. :) Maybe consider running pfSense as a VM and use the remaining CPU power for other VMs, the server you referred to perhaps.
20 and 30Mbps are unusual speeds for the UK market, what connection type do you have? Are those estimated real speeds at your doorstep?

The last time I tested the speed I was getting 12Mb on a 20Mb fibre link but I've only ever tested it once. Fibre is gradually rolling out across the UK so many places are offering 100Mb now. But in rural communities people are often lucky to get 2Mb. It is hit and miss though. A really small village I checked was getting 12Mb but just two miles up the road they didn't even get 2Mb. The government has been giving money to sponsor broadband speed increases but that is taking a long time to roll-out. It's now beginning to affect house prices so there is pressure on the government to fix it and I think the EU has now stipulated that no new housing developments can be built without fibre. Obviously, it is dependent on usage in the area since most places are fibre to the street and then copper to the house, but there is a big campaign to stop companies using the phrase "up to" when they advertise broadband speeds. My ISP has upgraded me twice without even asking me and the upgrade to 30Mb is happening without any discussion. 50Mb is just over £20 per month but I've no idea how that compares with other countries. In the UK they charge on top for "line rental" but the £20 deal is the only one I have seen that you can just have fibre without the line rental.

I thought about running in a VM but I read something saying pfSense wouldn't run on Hyper-V and I've completely lost touch with VMware as they kept renaming their products :) Is there a post/documentation you can point me to with instructions? I've run VMWare Workstation and VirtualBox on a PC but I've never run a server version.

I have only ever run pfSense virtualised under ESXi where, last time I tried, it worked pretty much perfectly. I believe it will also run fine under several other hypervisors. See the virtualisation subforum for details.

Most connections I have dealt with have been upto 24Mbps ADSL2+, 40 or 80Mbps FTTC or cable at 50 or 100Mbps. I'm least familiar with cable though. I'm in London.

Running a 30Mbps connection with Squid and Asterisk could be done with pretty much any old Atom system. Using a Rangely box and not running it as a VM host would be a waste. That's just my opinion though. ;)

Sorry, when you said the speeds were unusual for the UK market I assumed you were from the US and I thought you meant it as a question. Do you not have much higher speeds in London? I'm on the Virgin network and they keep increasing the speeds without asking me. I think 30Mb is their new base speed, or at least they are not offering me a slower speed. If I want to loose the line rental part I think I have to go to 50Mb, but I could be wrong. They don't make it easy to understand all the option and Uswitch doesn't even list Virgin as a supplier for my location :) I'm not sure why they are making me go to 30Mb since I understand it requires a new "superhub" that they will be supplying for free. I'm not complaining you understand, but I just don't think I need it. I'm hoping to move house/location soon and I'm dreading dealing with a BT based network. Not sure if that is fair, but I really want to drop the line-rental part and move to Asterisk. Do you think that is a good idea?

I tried ESXi a while back but it refused to work with my network card and so I gave up, but when I went back to try it again it seemed to be replaced by a version of Sphere(?) and I couldn't work out were to find the free version, so I gave up.

From what you saying I take it that you wouldn't expect my situation to require much CPU power? Most of what I've read on here seems to be about bandwidth usage so I haven't really got a sense of the CPU usage. If I run the packages you suggest will that not require a reasonable amount of CPU? Sorry, if it is a stupid question but I don't really get how these new Atoms fit into the CPU hierarchy anymore. I've read that they are more powerful than the old ones but I don't know by how much and I don't get how much CPU pfSense and the packages I need would require. Are there any downsides to running it virtualised? I need to start reading that section of the forum, but I'd be interested in your views.

Like I say I am least familiar with cable connections as I don't use one myself. Virgin are forever posting flyers through my door telling me what great speeds they offer though. ::) 100Mbps+. FTTC connections I have tested always seem to get close to the advertised 40 or 80Mbps. ADSL2+ can vary considerbly, where I am I get ~23Mbps out of a possible 24 but I've spent time troubleshooting in places where getting 2Mbps is a good day. If you're going back to ADSL I cannot recommend strongly enough Plusnet. They have real IT people on their support forum who can, and will, actually get things fixed for you. If you can get a FTTC connection you'll find it much more consistent than any DSL. If I could drop the phone line I would do it in a heartbeat. I would be doing it in favour of a mobile though, I have to keep reminding myself to use the landline otherwise it just wouldn't ever be used. I mostly use Skype for anything else like international calls etc.

It's a while since I used ESXi I would have to investigate it again.
The one big disadvantage to running virtualised is that if you have to power down the host box for any reason you loose everything, all your VMs. For home use that's often not really an issue though.

I completely agree the new Rangley Atoms are oddly named they are nothing like the previous generation of Atoms. Gonzopancho recently compared the performance of the C2758 and being equivalent to a server style Xeon from a few years ago. They are in a whole different league to older atoms like the D525. To give you some idea the D525 can firewall+NAT at ~500Mbps or push VPN traffic at ~50Mbps. It would have no problem at 30Mbps with Squid.

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.